Programmatic Deployment

Hello,

I'm investigating automating an Azure Sentinel deployment; however, I can't see anything in the ARM reference for Azure Sentinel.

https://docs.microsoft.com/en-us/azure/templates/microsoft.security/allversions

Could you share how one might deploy & configure Azure Sentinel programmatically?

Cheers,

BG

4 Replies

@bytemech There is nothing available now (believe me I have been bugging anyone I know to try to get some information on it) but I was told it would be coming soon.  No firm date that I know of yet.

@bytemech No planned date yet.

Hi,

How do you guys manage your configurations (Analytics rules, Playbooks, Workbooks, Data Connectors)?

Do you keep a copy in a private DevOps project and deploy the configuration manually (could be automated for the Playbook ...),
or just configure the solution without any copies in DevOps?

A solution could be https://github.com/wortell/AZSentinel.
This module allows us to create, remove, and update Sentinel rules :)